'".$i."'"); $result = dbquery("UPDATE ".DB_FORUM_POLLS." SET forum_poll_votes=forum_poll_votes-".$data['forum_poll_option_votes']." WHERE thread_id='".$_GET['thread_id']."'"); } elseif (isset($_POST['add_poll_option'][$i])) { if (trim($poll_option)) { $poll_opts[] = trim(stripinput($poll_option)); $result = dbquery("INSERT INTO ".DB_FORUM_POLL_OPTIONS." (thread_id, forum_poll_option_id, forum_poll_option_text, forum_poll_option_votes) VALUES('".$_GET['thread_id']."', '".$i."', '".trim(stripinput($poll_option))."', '0')"); } } elseif (isset($_POST['update_poll_option'][$i])) { if (trim($poll_option)) { $poll_opts[] = trim(stripinput($poll_option)); $result = dbquery("UPDATE ".DB_FORUM_POLL_OPTIONS." SET forum_poll_option_text='".trim(stripinput($poll_option))."' WHERE thread_id='".$_GET['thread_id']."' AND forum_poll_option_id='".$i."'"); } } else { if (trim($poll_option)) { $poll_opts[] = trim(stripinput($poll_option)); } } $i++; } } else { $poll_opts = array(); } } } if (isset($_POST['previewchanges'])) { if ($message == "") { $previewmessage = $locale['421']; } else { $previewmessage = $message; if (!$disable_smileys_check) { $previewmessage = parsesmileys($previewmessage); } $previewmessage = parseubb($previewmessage); $previewmessage = nl2br($previewmessage); } $udata = dbarray(dbquery("SELECT user_id, user_name, user_status, user_avatar, user_level, user_posts, user_joined FROM ".DB_USERS." WHERE user_id='".$pdata['post_author']."'")); add_to_title($locale['global_201'].$locale['405']); opentable($locale['405']); echo "
".$settings['sitename']." » ".$caption."
\n"; if ($fdata['forum_poll'] && checkgroup($fdata['forum_poll'])) { if ($tdata['thread_poll'] == 1 && ($pdata['post_author'] == $tdata['thread_author']) && ($userdata['user_id'] == $tdata['thread_author'] || iSUPERADMIN || iMOD)) { if ((isset($poll_title) && $poll_title != "") && (isset($poll_opts) && is_array($poll_opts))) { echo "\n\n"; echo "\n\n\n\n\n
".$poll_title."
\n"; echo "\n"; foreach ($poll_opts as $poll_option) { echo "\n\n\n"; $i++; } echo "
".$poll_option."
\n
\n"; } } } echo "\n\n"; echo "\n\n"; echo "\n\n"; echo "\n"; echo "\n\n\n\n"; echo "\n
".$subject."
".profile_link($udata['user_id'], $udata['user_name'], $udata['user_status'])."".$locale['426'].showdate("forumdate", time())."
".$previewmessage; echo "
\n".$locale['427'].profile_link($userdata['user_id'], $userdata['user_name'], $userdata['user_status'])."".$locale['428'].showdate("forumdate", time())."
\n"; closetable(); } } if (isset($_POST['savechanges'])) { if (isset($_POST['delete'])) { $result = dbquery("SELECT post_author FROM ".DB_POSTS." WHERE post_id='".$_GET['post_id']."' AND thread_id='".$_GET['thread_id']."'"); if (dbrows($result)) { $data = dbarray($result); $useris = dbarray(dbquery("SELECT * FROM ".DB_POSTS." WHERE post_id='".$_GET['post_id']."' AND thread_id='".$_GET['thread_id']."'")); $result = dbquery("UPDATE ".DB_USERS." SET user_posts=user_posts-1 WHERE user_id='".$useris['post_author']."'"); $result = dbquery("DELETE FROM ".DB_POSTS." WHERE post_id='".$_GET['post_id']."' AND thread_id='".$_GET['thread_id']."'"); $result = dbquery("UPDATE ".DB_FORUMS." SET forum_postcount=forum_postcount-1 WHERE forum_id = '".$_GET['forum_id']."'"); $result = dbquery("SELECT * FROM ".DB_FORUM_ATTACHMENTS." WHERE post_id='".$_GET['post_id']."'"); if (dbrows($result)) { while ($attach = dbarray($result)) { unlink(FORUM."attachments/".$attach['attach_name']); $result2 = dbquery("DELETE FROM ".DB_FORUM_ATTACHMENTS." WHERE post_id='".$_GET['post_id']."'"); } } $posts = dbcount("(post_id)", DB_POSTS, "thread_id='".$_GET['thread_id']."'"); if (!$posts) { $result = dbquery("DELETE FROM ".DB_THREADS." WHERE thread_id='".$_GET['thread_id']."' AND forum_id='".$_GET['forum_id']."'"); $result = dbquery("DELETE FROM ".DB_THREAD_NOTIFY." WHERE thread_id='".$_GET['thread_id']."'"); $result = dbquery("UPDATE ".DB_FORUMS." SET forum_threadcount=forum_threadcount-1 WHERE forum_id = '".$_GET['forum_id']."'"); } $result = dbquery("SELECT * FROM ".DB_FORUMS." WHERE forum_id='".$_GET['forum_id']."' AND forum_lastuser='".$pdata['post_author']."' AND forum_lastpost='".$pdata['post_datestamp']."'"); if (dbrows($result)) { $result = dbquery(" SELECT p.forum_id, p.post_author, p.post_datestamp FROM ".DB_POSTS." p LEFT JOIN ".DB_THREADS." t ON p.thread_id=t.thread_id WHERE p.forum_id='".$_GET['forum_id']."' AND thread_hidden='0' AND post_hidden='0' ORDER BY post_datestamp DESC LIMIT 1"); if (dbrows($result)) { $pdata2 = dbarray($result); $result = dbquery("UPDATE ".DB_FORUMS." SET forum_lastpost='".$pdata2['post_datestamp']."', forum_lastuser='".$pdata2['post_author']."' WHERE forum_id='".$_GET['forum_id']."'"); } else { $result = dbquery("UPDATE ".DB_FORUMS." SET forum_lastpost='0', forum_lastuser='0' WHERE forum_id='".$_GET['forum_id']."'"); } } if ($posts) { $result = dbcount("(thread_id)", DB_THREADS, "thread_id='".$_GET['thread_id']."' AND thread_lastpostid='".$_GET['post_id']."' AND thread_lastuser='".$pdata['post_author']."'"); if (!empty($result)) { $result = dbquery("SELECT thread_id, post_id, post_author, post_datestamp FROM ".DB_POSTS." WHERE thread_id='".$_GET['thread_id']."' AND post_hidden='0' ORDER BY post_datestamp DESC LIMIT 1"); $pdata2 = dbarray($result); $result = dbquery("UPDATE ".DB_THREADS." SET thread_lastpost='".$pdata2['post_datestamp']."', thread_lastpostid='".$pdata2['post_id']."', thread_postcount=thread_postcount-1, thread_lastuser='".$pdata2['post_author']."' WHERE thread_id='".$_GET['thread_id']."'"); } } add_to_title($locale['global_201'].$locale['407']); opentable($locale['407']); echo "

\n".$locale['445']."

\n"; if ($posts > 0) { echo "".$locale['447']." ::\n"; } echo "".$locale['448']." ::\n"; echo "".$locale['449']."

\n
\n"; closetable(); } } else { $error = 0; if ($pdata['first_post'] == $_GET['post_id']) { $subject = trim(stripinput(censorwords($_POST['subject']))); } $message = trim(stripinput(censorwords($_POST['message']))); $smileys = isset($_POST['disable_smileys'])|| preg_match("#(\[code\](.*?)\[/code\]|\[geshi=(.*?)\](.*?)\[/geshi\]|\[php\](.*?)\[/php\])#si", $message) ? "0" : "1"; $updateSig = (isset($_POST['post_showsig']) && isNum($_POST['post_showsig']) ? "post_showsig='".$_POST['post_showsig']."'," :""); $post_locked = (isset($_POST['post_locked']) && $_POST['post_locked'] == 1 ? 1 : 0); if (iMEMBER) { if ($message != "") { if (isset($_POST['hide_edit'])) { $post_edit_time = 0; $reason = ""; } else { $thread_lastpost = dbarray(dbquery("SELECT post_id FROM ".DB_POSTS." WHERE thread_id='".$_GET['thread_id']."' ORDER BY post_id DESC LIMIT 1")); if ($thread_lastpost['post_id'] == $_GET['post_id'] && time() - $pdata['post_datestamp'] < 5*60) { $post_edit_time = 0; $reason = ""; } elseif ($settings['forum_editpost_to_lastpost']) { $post_edit_time = time(); $reason = trim(stripinput(censorwords($_POST['edit_reason']))); $lastPost = dbcount("(thread_id)", DB_THREADS, "thread_lastpostid='".$_GET['post_id']."'"); if ($lastPost > 0) { $result = dbquery("UPDATE ".DB_THREADS." SET thread_lastpost='".$post_edit_time."' WHERE thread_id='".$_GET['thread_id']."'"); } $forum_lastpost = dbarray(dbquery("SELECT post_id FROM ".DB_POSTS." WHERE forum_id='".$_GET['forum_id']."' ORDER BY post_id DESC LIMIT 1")); if ($forum_lastpost['post_id'] == $_GET['post_id']) { $result = dbquery("UPDATE ".DB_FORUMS." SET forum_lastpost='".$post_edit_time."' WHERE forum_id='".$_GET['forum_id']."'"); } } else { $post_edit_time = time(); $reason = trim(stripinput(censorwords($_POST['edit_reason']))); } } $result = dbquery( "UPDATE ".DB_POSTS." SET post_message='".$message."', ".$updateSig." post_smileys='".$smileys."', post_edituser='".$userdata['user_id']."', post_edittime='".$post_edit_time."', post_editreason='".$reason."', post_locked='".$post_locked."' WHERE post_id='".$_GET['post_id']."'" ); if ($pdata['first_post'] == $_GET['post_id'] && $subject != "") { $result = dbquery("UPDATE ".DB_THREADS." SET thread_subject='".$subject."' WHERE thread_id='".$_GET['thread_id']."'"); } foreach ($_POST as $key=>$value){ if(!strstr($key, "delete_attach")) continue; $key = str_replace("delete_attach_", "", $key); $result = dbquery("SELECT * FROM ".DB_FORUM_ATTACHMENTS." WHERE post_id='".$_GET['post_id']."' and attach_id='$key'"); if (dbrows($result) != 0 && $value) { $adata = dbarray($result); unlink(FORUM."attachments/".$adata['attach_name']); $result = dbquery("DELETE FROM ".DB_FORUM_ATTACHMENTS." WHERE post_id='".$_GET['post_id']."' and attach_id='".$key."'"); } } if ($fdata['forum_attach'] && checkgroup($fdata['forum_attach'])) { foreach($_FILES as $attach){ if ($attach['name'] != "" && !empty($attach['name']) && is_uploaded_file($attach['tmp_name'])) { $attachname = stripfilename(substr($attach['name'], 0, strrpos($attach['name'], "."))); $attachext = strtolower(strrchr($attach['name'],".")); if (preg_match("/^[-0-9A-Z_\[\]]+$/i", $attachname) && $attach['size'] <= $settings['attachmax']) { $attachtypes = explode(",", $settings['attachtypes']); if (in_array($attachext, $attachtypes)) { $attachname .= $attachext; $attachname = attach_exists(strtolower($attachname)); move_uploaded_file($attach['tmp_name'], FORUM."attachments/".$attachname); chmod(FORUM."attachments/".$attachname,0644); if (in_array($attachext, $imagetypes) && (!@getimagesize(FORUM."attachments/".$attachname) || !@verify_image(FORUM."attachments/".$attachname))) { unlink(FORUM."attachments/".$attachname); $error = 1; } if (!$error) $result = dbquery("INSERT INTO ".DB_FORUM_ATTACHMENTS." (thread_id, post_id, attach_name, attach_ext, attach_size) VALUES ('".$_GET['thread_id']."', '".$_GET['post_id']."', '".$attachname."', '".$attachext."', '".$attach['size']."')"); } else { @unlink($attach['tmp_name']); $error = 1; } } else { @unlink($attach['tmp_name']); $error = 2; } } } } } else { $error = 3; } } else { $error = 4; } redirect("postify.php?post=edit&error=$error&forum_id=".$_GET['forum_id']."&thread_id=".$_GET['thread_id']."&post_id=".$_GET['post_id']); } } else { if (!isset($_POST['previewchanges']) && !isset($_POST['update_poll_title']) && !isset($_POST['update_poll_option']) && !isset($_POST['delete_poll_option']) && !isset($_POST['add_poll_option'])) { $subject = $pdata['thread_subject']; $message = $pdata['post_message']; $edit_reason = $pdata['post_editreason']; $disable_smileys_check = ($pdata['post_smileys'] == "0" ? " checked='checked'" : ""); $sig_checked = ($pdata['post_showsig'] ? " checked='checked'" : ""); $post_locked = ($pdata['post_locked'] ? " checked='checked'" : ""); $del_check = ""; if ($pdata['post_author'] == $tdata['thread_author'] && $tdata['thread_poll'] == 1) { $result = dbquery("SELECT * FROM ".DB_FORUM_POLLS." WHERE thread_id='".$_GET['thread_id']."'"); if (dbrows($result)) { $data = dbarray($result); $poll_title = $data['forum_poll_title']; $result = dbquery("SELECT forum_poll_option_text FROM ".DB_FORUM_POLL_OPTIONS." WHERE thread_id='".$_GET['thread_id']."' ORDER BY forum_poll_option_id ASC"); while ($data = dbarray($result)) { $poll_opts[] = $data['forum_poll_option_text']; } } } } opentable($locale['408']); if (!isset($_POST['previewchanges'])) echo "
".$settings['sitename']." » ".$caption."
\n"; echo "
\n"; echo "\n\n"; if ($pdata['first_post'] == $_GET['post_id']) { echo "\n"; echo "\n"; echo "\n\n"; } echo "\n"; echo "\n"; echo "\n\n"; echo "\n"; echo "\n"; echo "\n\n"; echo "\n"; echo "\n"; echo "\n\n"; echo "\n"; echo "\n\n"; if ($fdata['forum_attach'] && checkgroup($fdata['forum_attach'])) { add_to_head("\n"); echo "\n\n\n\n"; } if ($fdata['forum_poll'] && checkgroup($fdata['forum_poll'])) { if ($tdata['thread_poll'] && ($pdata['post_author'] == $tdata['thread_author']) && ($userdata['user_id'] == $tdata['thread_author'] || iSUPERADMIN || iMOD)) { echo "\n\n"; echo "\n\n"; echo "\n"; echo "\n\n"; $i = 1; if (isset($poll_opts) && is_array($poll_opts)) { foreach ($poll_opts as $poll_option) { echo "\n\n"; echo "\n\n"; $i++; } echo "\n\n"; echo "\n\n"; } else { echo "\n\n"; echo "\n\n"; } } } echo "\n\n\n
".$locale['460']."
".$locale['461']."
 ".display_bbcodes("99%", "message")."
".$locale['474']."
".$locale['463']."\n"; echo "
\n"; if (array_key_exists("user_sig", $userdata) && $userdata['user_sig']) { echo "
\n"; } if(iMOD || iADMIN) echo "
\n"; if(iMOD || iADMIN) echo "
\n"; echo "\n"; echo "
".$locale['464']."\n"; $result = dbquery("SELECT attach_id, attach_name FROM ".DB_FORUM_ATTACHMENTS." WHERE post_id='".$_GET['post_id']."'"); $counter = 0; if (dbrows($result)) { while($adata = dbarray($result)){ if($counter > 0) echo "
\n"; echo "\n"; echo "".$adata['attach_name']." [".parsebytesize(filesize(FORUM."attachments/".$adata['attach_name']))."]\n"; $counter++; } echo "

\n"; } $max = ($settings['attachmax_count'] - $counter <= 0 ? "-2" : $settings['attachmax_count'] - $counter); echo "
\n"; echo "".sprintf($locale['466'], parsebytesize($settings['attachmax']), str_replace(',', ' ', $settings['attachtypes']), $settings['attachmax_count'])."\n"; echo "
\n"; echo "\n"; echo "
".$locale['468']."
".$locale['469']."\n"; echo "\n"; echo "\n
".$locale['470']." ".$i."\n"; echo "\n"; echo "\n
".$locale['470']." ".$i."\n"; echo "
".$locale['470']."\n"; echo "
\n"; echo "\n"; echo "\n"; echo "
\n
\n"; closetable(); } ?>